<?php session_start();
error_reporting(E_ALL);
if($_SESSION['loggin']==0)
{
	die('You did not login, Please login first!');
}
?>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>detail change</title>
</head>
<body>
<?php
$connection = mysql_connect("localhost", "root", "");
		if ( !$connection ) {
			die('Could not connect to localhost.');	
		}
		$db = mysql_select_db("test", $connection);
		if ( !$db) {
			die ('Could not find database test.');	
		}
		
$chan = "select * from users where name = '" . $_SESSION['username'] . "'";

$ge = mysql_query($chan,$connection);

$row = mysql_fetch_array($ge);

?>
<form action="change_password.php" method="post">  
    <table border="1" cellpadding="10px" cellspacing="0">
    <tr>
    <th>Name</th>
    <td>
    <?php echo $row['name']  ?></td>
    <td>
    <input type="text" name="cname" size="40" /> </td>
    </tr>
    <tr>
    <th>Telephone</th>
    <td>
    <?php echo $row['phone']  ?></td>
    <td>
    <input type="text" name="cphone" size="40" /> </td>
    </tr>
     <tr>
    <th>Password</th>
    <td>
    <input type="password" name="cpasswd" size="40" /> </td>
    </tr>
    <tr>
    <th>Password Again</th>
    <td>
    <input type="password" name="cpasswd2" size="40" /> </td>
    </tr>
    <tr></tr>
    </table>
    <input type="submit" name="submit" value="Submit" />
    <input type="button" value="Reset"/>
    </form>   
<?php

		if(isset($_REQUEST['submit']))
		{
		if($_POST['cpasswd']!=$_POST['cpasswd2'])
	{
		die('password are not the same, please try again');
	}
	
	$name_qry="SELECT name FROM users WHERE name =  '".$_POST['cname']."'";
	
	$name_check = mysql_query($name_qry);
	
	$name_checkk = mysql_num_rows($name_check);
	
	if ($name_checkk != 0) {
        die('Sorry, the username: <strong>'.$_POST['cname'].'</strong>'
          . ' is already taken, please pick another one.');
    						}	
		}
	$chname = "UPDATE users SET name='".$_POST['cname']."' WHERE name='".$_SESSION['username']."'";
	$chphone = "update users set phone='".$_POST['cphone']."' where name='".$_SESSION['username']."'";
	$chpassword = "UPDATE users SET passoword='".$_POST['cpasswd']."' WHERE name='".$_SESSION['username']."'";	
	if($_POST['cphone']!=0)
	$phone = mysql_query($chphone,$connection);
	if($_POST['cpasswd']!=0)
	$passw = mysql_query($chpassword,$connection);
	if($_POST['cname']!=0){
	$name = mysql_query($chname,$connection);
	$_SESSION['username']=$_POST['cname'];}
?>
</body>
</html>